SecurityTracker.com
    Home    |    View Topics    |    Search    |    Contact Us    |   

SecurityTracker
Archives


 


Category:   Application (Security)  >   OpenSSL Vendors:   OpenSSL.org
(Red Hat Issues Fix for RH Linux) OpenSSL SSL/TLS Handshade Flaws May Let Remote Users Crash OpenSSL-based Applications
SecurityTracker Alert ID:  1010105
SecurityTracker URL:  http://securitytracker.com/id/1010105
CVE Reference:   CVE-2004-0079, CVE-2004-0081, CVE-2004-0112   (Links to External Site)
Date:  May 10 2004
Impact:   Denial of service via network
Fix Available:  Yes  Vendor Confirmed:  Yes  
Version(s): 0.9.6c - 0.9.6k and 0.9.7a - 0.9.7c
Description:   Some vulnerabilities were reported in OpenSSL, primarily involving the processing of SSL/TLS protocol handshakes. A remote user can cause OpenSSL to crash.

It is reported that there is a null-pointer assignment in the do_change_cipher_spec() function [CVE: CVE-2004-0079]. A remote user can perform a specially crafted SSL/TLS handshake with a target server to cause OpenSSL to crash on the target system. This may cause the application using OpenSSL to crash.

All versions of OpenSSL from 0.9.6c to 0.9.6k inclusive and from 0.9.7a to 0.9.7c inclusive are reportedly vulnerable to this null-pointer bug.

It is also reported that there is a flaw in performing SSL/TLS handshakes using Kerberos ciphersuites [CVE: CVE-2004-0112]. A remote user can perform a specially crafted SSL/TLS handshake against a server that is using Kerberos ciphersuites to cause OpenSSL to crash on the target system.

OpenSSL versions 0.9.7a, 0.9.7b, and 0.9.7c are reported to be vulnerable to this Kerberos handshake bug.

It is also reported that a remote user may be able to cause OpenSSL to enter an infinite loop due to a flaw in a patch introduced in 0.9.6d [CVE: CVE-2004-0081].

The vendor credits Dr. Stephen Henson of the OpenSSL core team as well as Codenomicon for supplying their TLS Test Tool and Joe Orton of Red Hat for performing the majority of the testing.

Impact:   A remote user can cause OpenSSL to crash, which may cause an application using OpenSSL to crash. The specific impact depends on the application that uses the OpenSSL library.
Solution:   Red Hat has issued a fix for Red Hat Linux.

Red Hat Linux 7.2:

SRPM:
http://download.fedoralegacy.org/redhat/7.2/updates/SRPMS/openssl095a-0.9.5a-24.7.3.legacy.src.rpm
http://download.fedoralegacy.org/redhat/7.2/updates/SRPMS/openssl-0.9.6b-36.7.legacy.src.rpm
http://download.fedoralegacy.org/redhat/7.2/updates/SRPMS/openssl096-0.9.6-25.7.legacy.src.rpm

i386:
http://download.fedoralegacy.org/redhat/7.2/updates/i386/openssl-0.9.6b-36.7.legacy.i386.rpm
http://download.fedoralegacy.org/redhat/7.2/updates/i386/openssl-devel-0.9.6b-36.7.legacy.i386.rpm
http://download.fedoralegacy.org/redhat/7.2/updates/i386/openssl-perl-0.9.6b-36.7.legacy.i386.rpm
http://download.fedoralegacy.org/redhat/7.2/updates/i386/openssl095a-0.9.5a-24.7.3.legacy.i386.rpm
http://download.fedoralegacy.org/redhat/7.2/updates/i386/openssl096-0.9.6-25.7.legacy.i386.rpm

i686:
http://download.fedoralegacy.org/redhat/7.2/updates/i386/openssl-0.9.6b-36.7.legacy.i686.rpm

Red Hat Linux 7.3:

SRPM:
http://download.fedoralegacy.org/redhat/7.3/updates/SRPMS/openssl095a-0.9.5a-24.7.3.legacy.src.rpm
http://download.fedoralegacy.org/redhat/7.3/updates/SRPMS/openssl-0.9.6b-36.7.legacy.src.rpm
http://download.fedoralegacy.org/redhat/7.3/updates/SRPMS/openssl096-0.9.6-25.7.legacy.src.rpm

i386:
http://download.fedoralegacy.org/redhat/7.3/updates/i386/openssl-0.9.6b-36.7.legacy.i386.rpm
http://download.fedoralegacy.org/redhat/7.3/updates/i386/openssl-devel-0.9.6b-36.7.legacy.i386.rpm
http://download.fedoralegacy.org/redhat/7.3/updates/i386/openssl-perl-0.9.6b-36.7.legacy.i386.rpm
http://download.fedoralegacy.org/redhat/7.3/updates/i386/openssl095a-0.9.5a-24.7.3.legacy.i386.rpm
http://download.fedoralegacy.org/redhat/7.3/updates/i386/openssl096-0.9.6-25.7.legacy.i386.rpm

i686:
http://download.fedoralegacy.org/redhat/7.3/updates/i386/openssl-0.9.6b-36.7.legacy.i686.rpm

Red Hat Linux 8.0:

SRPM:
http://download.fedoralegacy.org/redhat/8.0/updates/SRPMS/openssl095a-0.9.5a-24.8.legacy.src.rpm
http://download.fedoralegacy.org/redhat/8.0/updates/SRPMS/openssl-0.9.6b-36.8.legacy.src.rpm
http://download.fedoralegacy.org/redhat/8.0/updates/SRPMS/openssl096-0.9.6-24.8.legacy.src.rpm

i386:
http://download.fedoralegacy.org/redhat/8.0/updates/i386/openssl-devel-0.9.6b-36.8.legacy.i386.rpm
http://download.fedoralegacy.org/redhat/8.0/updates/i386/openssl-0.9.6b-36.8.legacy.i386.rpm
http://download.fedoralegacy.org/redhat/8.0/updates/i386/openssl-perl-0.9.6b-36.8.legacy.i386.rpm
http://download.fedoralegacy.org/redhat/8.0/updates/i386/openssl095a-0.9.5a-24.8.legacy.i386.rpm
http://download.fedoralegacy.org/redhat/8.0/updates/i386/openssl096-0.9.6-24.8.legacy.i386.rpm

i686:
http://download.fedoralegacy.org/redhat/8.0/updates/i386/openssl-0.9.6b-36.8.legacy.i686.rpm

The verification checksums are:

SHA1 sum Package Name

6125c0171b9bd2c49e2f206fa616c70310262085
7.2/updates/SRPMS/openssl095a-0.9.5a-24.7.3.legacy.src.rpm
296a86b860209645a73cdd081b03f3fb1d6e437d
7.2/updates/SRPMS/openssl096-0.9.6-25.7.legacy.src.rpm
2647596bc3e8d0090af0ea0e9841ba665872a729
7.2/updates/SRPMS/openssl-0.9.6b-36.7.legacy.src.rpm
fff610245bcd73fce6b78c0e7f4155cf0c627762
7.2/updates/i386/openssl095a-0.9.5a-24.7.3.legacy.i386.rpm
f678d1b885a8236301afb4f92da2d451599643ce
7.2/updates/i386/openssl096-0.9.6-25.7.legacy.i386.rpm
014a4d8fec25dde48ee8f8c14cc5250afc687542
7.2/updates/i386/openssl-0.9.6b-36.7.legacy.i386.rpm
c4403aff66cc3891418f2f4a5fc9632ed87c6f79
7.2/updates/i386/openssl-0.9.6b-36.7.legacy.i686.rpm
8b3fca54a08ae67a3ee5c5b6dfc0a166a31d9a1c
7.2/updates/i386/openssl-devel-0.9.6b-36.7.legacy.i386.rpm
bfb7a080b0afe36bba4de6431d68110cd30636aa
7.2/updates/i386/openssl-perl-0.9.6b-36.7.legacy.i386.rpm

6125c0171b9bd2c49e2f206fa616c70310262085
7.3/updates/SRPMS/openssl095a-0.9.5a-24.7.3.legacy.src.rpm
296a86b860209645a73cdd081b03f3fb1d6e437d
7.3/updates/SRPMS/openssl096-0.9.6-25.7.legacy.src.rpm
2647596bc3e8d0090af0ea0e9841ba665872a729
7.3/updates/SRPMS/openssl-0.9.6b-36.7.legacy.src.rpm
fff610245bcd73fce6b78c0e7f4155cf0c627762
7.3/updates/i386/openssl095a-0.9.5a-24.7.3.legacy.i386.rpm
f678d1b885a8236301afb4f92da2d451599643ce
7.3/updates/i386/openssl096-0.9.6-25.7.legacy.i386.rpm
014a4d8fec25dde48ee8f8c14cc5250afc687542
7.3/updates/i386/openssl-0.9.6b-36.7.legacy.i386.rpm
c4403aff66cc3891418f2f4a5fc9632ed87c6f79
7.3/updates/i386/openssl-0.9.6b-36.7.legacy.i686.rpm
8b3fca54a08ae67a3ee5c5b6dfc0a166a31d9a1c
7.3/updates/i386/openssl-devel-0.9.6b-36.7.legacy.i386.rpm
bfb7a080b0afe36bba4de6431d68110cd30636aa
7.3/updates/i386/openssl-perl-0.9.6b-36.7.legacy.i386.rpm

6b789ea67363c4a7f23cc1e1363c32509605d5b4
8.0/updates/SRPMS/openssl095a-0.9.5a-24.8.legacy.src.rpm
a13a09ee098c126ab7b452f13ae49cc870e0d5d2
8.0/updates/SRPMS/openssl096-0.9.6-24.8.legacy.src.rpm
95ab8bd7b6e649f3e7995830e8f15c3fd55e83bd
8.0/updates/SRPMS/openssl-0.9.6b-36.8.legacy.src.rpm
f15faf931188fcc4991cd692eba88ef4dd3e670e
8.0/updates/i386/openssl095a-0.9.5a-24.8.legacy.i386.rpm
5fad5ab9fdbbf48cd725cb9d7edb853f651b0893
8.0/updates/i386/openssl096-0.9.6-24.8.legacy.i386.rpm
bb6c9804df5d4214ca80474f2f3e87ddfe298908
8.0/updates/i386/openssl-0.9.6b-36.8.legacy.i386.rpm
d49da33be792303a8ea3295076b3a7e5c7a29ea1
8.0/updates/i386/openssl-0.9.6b-36.8.legacy.i686.rpm
7a2494d638beb99b939480fac7d27885b68137e8
8.0/updates/i386/openssl-devel-0.9.6b-36.8.legacy.i386.rpm
7a01c363409dae773a9b7b678abd5c511a580a62
8.0/updates/i386/openssl-perl-0.9.6b-36.8.legacy.i386.rpm

Vendor URL:  www.openssl.org/news/secadv_20040317.txt (Links to External Site)
Cause:   Boundary error, Exception handling error, State error
Underlying OS:  Linux (Red Hat Linux)
Underlying OS Comments:  7.2, 7.3, 8.0

Message History:   This archive entry is a follow-up to the message listed below.
Mar 17 2004 OpenSSL SSL/TLS Handshade Flaws May Let Remote Users Crash OpenSSL-based Applications



 Source Message Contents

Subject:  [FLSA-2004:1395] Updated OpenSSL resolves security vulnerability


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

- -----------------------------------------------------------------------
               Fedora Legacy Update Advisory

Synopsis:          Updated OpenSSL resolves security vulnerability
Advisory ID:       FLSA:1395
Issue date:        2004-05-08
Product:           Red Hat Linux
Keywords:          Security
Cross references:  https://bugzilla.fedora.us/show_bug.cgi?id=1395
CVE Names:         CAN-2003-0851 CAN-2004-0081
- -----------------------------------------------------------------------


- ---------------------------------------------------------------------
1. Topic:

Updated OpenSSL packages that fix remote denial of service vulnerabilities 
are now available.

2. Relevent releases/architectures:

Red Hat Linux 7.2 - i386 i686
Red Hat Linux 7.3 - i386 i686
Red Hat Linux 8.0 - i386 i686

3. Problem description:

OpenSSL is a toolkit that implements Secure Sockets Layer (SSL v2/v3) and 
Transport Layer Security (TLS v1) protocols as well as a full-strength 
general purpose cryptography library.

Testing performed by the OpenSSL group using the Codenomicon TLS Test Tool 
uncovered a bug in older versions of OpenSSL 0.9.6 prior to 0.9.6d that 
can lead to a denial of service attack (infinite loop).  The Common 
Vulnerabilities and Exposures project (cve.mitre.org) has assigned the 
name CAN-2004-0081 to this issue.

Testing performed by Novell using a test suite provided by NISCC uncovered 
an issue in the ASN.1 parser in versions of OpenSSL 0.9.6 prior to 0.9.6l 
which could cause large recursion and possibly lead to a denial of service 
attack if used where stack space is limited.  The Common Vulnerabilities 
and Exposures project (cve.mitre.org) has assigned the name CAN-2003-0851 
to this issue.

These updated packages contain patches provided by the OpenSSL group that 
protect against these issues.

NOTE: Because server applications are affected by this issue, users are 
advised to either restart all services using OpenSSL functionality or 
restart their system after installing these updated packages.

Fedora Legacy would like to thank Michal Jaegermann for bringing this issue 
to our attention.

4. Solution:

Before applying this update, make sure all previously released errata
relevant to your system have been applied.

To update all RPMs for your particular architecture, run:

rpm -Fvh [filenames]

where [filenames] is a list of the RPMs you wish to upgrade.  Only those 
RPMs which are currently installed will be updated.  Those RPMs which are 
not installed but included in the list will not be updated.  Note that you 
can also use wildcards (*.rpm) if your current directory *only* contains 
the desired RPMs.

Please note that this update is also available via yum and apt.  Many 
people find this an easier way to apply updates.  To use yum issue:

yum update

or to use apt:

apt-get update; apt-get upgrade

This will start an interactive process that will result in the appropriate 
RPMs being upgraded on your system.  This assumes that you have yum or 
apt-get configured for obtaining Fedora Legacy content. Please visit 
http://www.fedoralegacy.org/docs for directions on how to configure yum 
and apt-get.

5. Bug IDs fixed:

http://bugzilla.fedora.us - 1395 - openssl vulnerabilties to remote DoS 
attack

6. RPMs required:

Red Hat Linux 7.2:

SRPM:
http://download.fedoralegacy.org/redhat/7.2/updates/SRPMS/openssl095a-0.9.5a-24.7.3.legacy.src.rpm
http://download.fedoralegacy.org/redhat/7.2/updates/SRPMS/openssl-0.9.6b-36.7.legacy.src.rpm
http://download.fedoralegacy.org/redhat/7.2/updates/SRPMS/openssl096-0.9.6-25.7.legacy.src.rpm

i386:
http://download.fedoralegacy.org/redhat/7.2/updates/i386/openssl-0.9.6b-36.7.legacy.i386.rpm
http://download.fedoralegacy.org/redhat/7.2/updates/i386/openssl-devel-0.9.6b-36.7.legacy.i386.rpm
http://download.fedoralegacy.org/redhat/7.2/updates/i386/openssl-perl-0.9.6b-36.7.legacy.i386.rpm
http://download.fedoralegacy.org/redhat/7.2/updates/i386/openssl095a-0.9.5a-24.7.3.legacy.i386.rpm
http://download.fedoralegacy.org/redhat/7.2/updates/i386/openssl096-0.9.6-25.7.legacy.i386.rpm

i686:
http://download.fedoralegacy.org/redhat/7.2/updates/i386/openssl-0.9.6b-36.7.legacy.i686.rpm

Red Hat Linux 7.3:

SRPM:
http://download.fedoralegacy.org/redhat/7.3/updates/SRPMS/openssl095a-0.9.5a-24.7.3.legacy.src.rpm
http://download.fedoralegacy.org/redhat/7.3/updates/SRPMS/openssl-0.9.6b-36.7.legacy.src.rpm
http://download.fedoralegacy.org/redhat/7.3/updates/SRPMS/openssl096-0.9.6-25.7.legacy.src.rpm

i386:
http://download.fedoralegacy.org/redhat/7.3/updates/i386/openssl-0.9.6b-36.7.legacy.i386.rpm
http://download.fedoralegacy.org/redhat/7.3/updates/i386/openssl-devel-0.9.6b-36.7.legacy.i386.rpm
http://download.fedoralegacy.org/redhat/7.3/updates/i386/openssl-perl-0.9.6b-36.7.legacy.i386.rpm
http://download.fedoralegacy.org/redhat/7.3/updates/i386/openssl095a-0.9.5a-24.7.3.legacy.i386.rpm
http://download.fedoralegacy.org/redhat/7.3/updates/i386/openssl096-0.9.6-25.7.legacy.i386.rpm

i686:
http://download.fedoralegacy.org/redhat/7.3/updates/i386/openssl-0.9.6b-36.7.legacy.i686.rpm

Red Hat Linux 8.0:

SRPM:
http://download.fedoralegacy.org/redhat/8.0/updates/SRPMS/openssl095a-0.9.5a-24.8.legacy.src.rpm
http://download.fedoralegacy.org/redhat/8.0/updates/SRPMS/openssl-0.9.6b-36.8.legacy.src.rpm
http://download.fedoralegacy.org/redhat/8.0/updates/SRPMS/openssl096-0.9.6-24.8.legacy.src.rpm

i386:
http://download.fedoralegacy.org/redhat/8.0/updates/i386/openssl-devel-0.9.6b-36.8.legacy.i386.rpm
http://download.fedoralegacy.org/redhat/8.0/updates/i386/openssl-0.9.6b-36.8.legacy.i386.rpm
http://download.fedoralegacy.org/redhat/8.0/updates/i386/openssl-perl-0.9.6b-36.8.legacy.i386.rpm
http://download.fedoralegacy.org/redhat/8.0/updates/i386/openssl095a-0.9.5a-24.8.legacy.i386.rpm
http://download.fedoralegacy.org/redhat/8.0/updates/i386/openssl096-0.9.6-24.8.legacy.i386.rpm

i686:
http://download.fedoralegacy.org/redhat/8.0/updates/i386/openssl-0.9.6b-36.8.legacy.i686.rpm


7. Verification:

SHA1 sum                                 Package Name
- ---------------------------------------------------------------------------

6125c0171b9bd2c49e2f206fa616c70310262085  
7.2/updates/SRPMS/openssl095a-0.9.5a-24.7.3.legacy.src.rpm
296a86b860209645a73cdd081b03f3fb1d6e437d  
7.2/updates/SRPMS/openssl096-0.9.6-25.7.legacy.src.rpm
2647596bc3e8d0090af0ea0e9841ba665872a729  
7.2/updates/SRPMS/openssl-0.9.6b-36.7.legacy.src.rpm
fff610245bcd73fce6b78c0e7f4155cf0c627762  
7.2/updates/i386/openssl095a-0.9.5a-24.7.3.legacy.i386.rpm
f678d1b885a8236301afb4f92da2d451599643ce  
7.2/updates/i386/openssl096-0.9.6-25.7.legacy.i386.rpm
014a4d8fec25dde48ee8f8c14cc5250afc687542  
7.2/updates/i386/openssl-0.9.6b-36.7.legacy.i386.rpm
c4403aff66cc3891418f2f4a5fc9632ed87c6f79  
7.2/updates/i386/openssl-0.9.6b-36.7.legacy.i686.rpm
8b3fca54a08ae67a3ee5c5b6dfc0a166a31d9a1c  
7.2/updates/i386/openssl-devel-0.9.6b-36.7.legacy.i386.rpm
bfb7a080b0afe36bba4de6431d68110cd30636aa  
7.2/updates/i386/openssl-perl-0.9.6b-36.7.legacy.i386.rpm
 
6125c0171b9bd2c49e2f206fa616c70310262085  
7.3/updates/SRPMS/openssl095a-0.9.5a-24.7.3.legacy.src.rpm
296a86b860209645a73cdd081b03f3fb1d6e437d  
7.3/updates/SRPMS/openssl096-0.9.6-25.7.legacy.src.rpm
2647596bc3e8d0090af0ea0e9841ba665872a729  
7.3/updates/SRPMS/openssl-0.9.6b-36.7.legacy.src.rpm
fff610245bcd73fce6b78c0e7f4155cf0c627762  
7.3/updates/i386/openssl095a-0.9.5a-24.7.3.legacy.i386.rpm
f678d1b885a8236301afb4f92da2d451599643ce  
7.3/updates/i386/openssl096-0.9.6-25.7.legacy.i386.rpm
014a4d8fec25dde48ee8f8c14cc5250afc687542  
7.3/updates/i386/openssl-0.9.6b-36.7.legacy.i386.rpm
c4403aff66cc3891418f2f4a5fc9632ed87c6f79  
7.3/updates/i386/openssl-0.9.6b-36.7.legacy.i686.rpm
8b3fca54a08ae67a3ee5c5b6dfc0a166a31d9a1c  
7.3/updates/i386/openssl-devel-0.9.6b-36.7.legacy.i386.rpm
bfb7a080b0afe36bba4de6431d68110cd30636aa  
7.3/updates/i386/openssl-perl-0.9.6b-36.7.legacy.i386.rpm
 
6b789ea67363c4a7f23cc1e1363c32509605d5b4  
8.0/updates/SRPMS/openssl095a-0.9.5a-24.8.legacy.src.rpm
a13a09ee098c126ab7b452f13ae49cc870e0d5d2  
8.0/updates/SRPMS/openssl096-0.9.6-24.8.legacy.src.rpm
95ab8bd7b6e649f3e7995830e8f15c3fd55e83bd  
8.0/updates/SRPMS/openssl-0.9.6b-36.8.legacy.src.rpm
f15faf931188fcc4991cd692eba88ef4dd3e670e  
8.0/updates/i386/openssl095a-0.9.5a-24.8.legacy.i386.rpm
5fad5ab9fdbbf48cd725cb9d7edb853f651b0893  
8.0/updates/i386/openssl096-0.9.6-24.8.legacy.i386.rpm
bb6c9804df5d4214ca80474f2f3e87ddfe298908  
8.0/updates/i386/openssl-0.9.6b-36.8.legacy.i386.rpm
d49da33be792303a8ea3295076b3a7e5c7a29ea1  
8.0/updates/i386/openssl-0.9.6b-36.8.legacy.i686.rpm
7a2494d638beb99b939480fac7d27885b68137e8  
8.0/updates/i386/openssl-devel-0.9.6b-36.8.legacy.i386.rpm
7a01c363409dae773a9b7b678abd5c511a580a62  
8.0/updates/i386/openssl-perl-0.9.6b-36.8.legacy.i386.rpm

These packages are GPG signed by Fedora Legacy for security.  Our key is
available from http://www.fedoralegacy.org/about/security.php

You can verify each package with the following command:

    rpm --checksig -v <filename>

If you only wish to verify that each package has not been corrupted or
tampered with, examine only the sha1sum with the following command:

    sha1sum <filename>

8. References:

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2003-0851
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0081
https://rhn.redhat.com/errata/RHSA-2004-119.html
https://bugzilla.fedora.us/show_bug.cgi?id=1395


9. Contact:

The Fedora Legacy security contact is <secnotice@fedoralegacy.org>. More
project details at http://www.fedoralegacy.org

- ---------------------------------------------------------------------

- -- 
Jesse Keating RHCE	(http://geek.j2solutions.net)
Fedora Legacy Team	(http://www.fedoralegacy.org)
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.3 (GNU/Linux)

iD8DBQFAnQ1M4v2HLvE71NURAn5/AJ0VIZVW0sE5bgCtYGuUgQfx1RrcNQCguLPc
Ykda1gyXWPnCmEcqzx1IPRw=
=4X2Q
-----END PGP SIGNATURE-----


 
 


Go to the Top of This SecurityTracker Archive Page





Home   |    View Topics   |    Search   |    Contact Us

This web site uses cookies for web analytics. Learn More

Copyright 2019, SecurityGlobal.net LLC